<?php
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//
// DLMan by Shedd Technologies International		  				//
// http://www.dlman.com | info@dlman.com							//
// Copyright 2003 by STI, All rights reserved.						//
// ---------------------------------------------------------------- //
// Usage of this software is governed by the terms of GPL. 	    	//
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//

require_once("global.php");
ob_start();//start content buffer
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
	//show/edit user preferences for the present user
	
	if(!isset($edit)){//check to see if edit var is set
		/*
		print out a form field for each below bit
		have the user submit the form with editted fields
		password blank for no change - click on link to change = popup
		for each field, check against DB values - if change, edit
		*/
		$result=mysql_query("SELECT * FROM ".$config->dt['user']." WHERE ".$config->field['username']."='$account';");
		$value=mysql_fetch_array($result);
		?>
			<script language="JavaScript" type="text/javascript">
			//validate email address
			function validEmail(email){
				invalidChars=" /:,;";
				if(email==""){
					return false
				}
				for(i=0; i<invalidChars.length; i++){
					badChar = invalidChars.charAt(i);
					if(email.indexOf(badChar,0)>-1){
						return false
					}
				}//end for
				atPos=email.indexOf("@",1);
				if(atPos==-1){
					return false
				}
				if(email.indexOf("@",atPos+1)>-1){
					return false
				}
				periodPos=email.indexOf(".",atPos);
				if(periodPos==-1){
					return false
				}
				if(periodPos+3 > email.length){
					return false
				}
				return true
			}//end validEmail
			
			function submitIt(prefForm){
				if(!validEmail(prefForm.emailaddress.value)){
					alert("Invalid Email Address");
					prefForm.emailaddress.focus();
					prefForm.emailaddress.select();
					return false
				}
				return true
			}//end submitIt
			
			function passChg(){
				window.open('passchg.php?<?php print session_name()."=".session_id()?>', 'newwindow', config='height=400, width=400, toolbar=no, menubar=no, scrollbars=yes, resizable=yes, location=no, directories=no, status=no')
			}//end passChg
			
			//show status bar messages
			var statusmsg="Change your password"
			function statusbar(){
				window.status=statusmsg
				return true
			}
			
			var statusmsg1=""
			function statusbar2(){
				window.status=statusmsg1
				return true
			}
			//end show status bar message functions
			</script>
			<style type="text/css">
			<!--
			.prefinput{
				color: #333333;
				font-family: Verdana, Arial, Helvetica, sans-serif;
				font-size: 11px;
				font-weight: normal;
				border-color: #333333;
				text-indent: 2px; 
				border-top-width: 1px;
				border-right-width: 1px;
				border-bottom-width: 1px;
				border-left-width: 1px; 
				background: #f8f8f8;
			}
			-->
			</style>
			<P><STRONG>User Information for <?php print $account; ?></STRONG></P>
			<P>
			<form onSubmit="return submitIt(this)" action="<?php print $PHP_SELF; ?>?loc=pref" method="post" name="prefs">
			<input type="hidden" name="edit" value="true">
			<input type="hidden" name="id" value="<?php print $value[$config->field['userid']]; ?>">
			<P>
			Username:&nbsp;<?php print $value[$config->field['username']];?><br>
			Password:&nbsp;****** (<a href="javascript:passChg()" onMouseover="return statusbar()" onMouseout="return statusbar2()">click to change</a>)
			</P>
			<P>
			Email Address:&nbsp;<input class="prefinput" type="text" name="emailaddress" value="<?php print $value[$config->field['email']];?>" size="25"><br>
			</P>
			<input type="submit" value="Modify" class="button">
			</form>
			<hr color="Gray" size="1" width="65%">
		<?php
	}
	elseif($edit==true){
		//check for id
			if(!isset($id)){
				die("ID not found!");
			}
			else{
			//make changes
		
				$sqlcode=array(
				"UPDATE ".$config->dt['user']." SET ".$config->field['email']."='$emailaddress' WHERE ".$config->field['userid']."=$id",
				);
				
				$err=false;
				foreach($sqlcode as $sql){
					$result="";
					if(!$result=mysql_query($sql)){
						print "<p>Error in updating data!<br>";
						print mysql_error();
						print '<br><a href="';
						print $PHP_SELF;
						print '?loc=pref">Click Here to try again</a><br><br>';
						print "$sql</p>";
						$err=true;
					}//end error
				}//end loop
				
				if($err!=true){
					?>
						<STRONG><FONT face=Verdana size=2>All preferences have been updated.</FONT></STRONG>
					<?php
						print '<p><a href="';
						print $PHP_SELF;
						print '?loc=pref">Click Here to Continue</a></p>';
				}//end no error
			}//end else
	}//end edit=true
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
$content=ob_get_contents();//store content to global buffer var
ob_end_clean();
?>